The Analysis of Approaches to the Problem of Information Security in the Processing of Personal Data

At the present time the issue of information security in the processing of personal data is gaining new importance and is becoming increasingly relevant. It should be noted that the priority is to protect various types of information with limited access: personal data, commercial, official, state secrets, etc. Such a category of information as personal data (PD) is especially sensitive to the problem of uncontrolled dissemination. Currently issues of internal security of information systems (IS) are relevant, including the issue of uncontrolled data dissemination caused by a markedly increasing number of recorded leaks of confidential information throughout the world. The accelerated development of information technologies causes the growth of the use of personal data, due to their cross-border movement and exchange. For example, in the course of its activities, state bodies, institutions, companies, etc. use personal data as basic when organizing various technological processes. With such technological and social expanded use of personal data, with the cross-border transmission and exchange increases the risk of their prohibited use. Therefore personal data is called today "new oil" and "currency of the economy." This paper examines the Russian and European approaches to ensuring information security in the processing of personal data. Special attention is paid to the use of the GDPR. In the practical part of the work, risks and threats to PD security at PJSC “Sberbank” were considered in order to create a set of recommendations for improving personal data protection measures at the selected enterprise.